dani/lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
10,108 Commits 3 Branches 0 Tags 75 MiB
7c0e6a2d00
Commit Graph

2587 Commits

Author SHA1 Message Date
Christophe Maudoux
4287c39f5b typo 2019-09-11 16:20:28 +02:00
Christophe Maudoux
bb0b5814f7 Fix empty groups (#1791) 2019-09-11 16:18:35 +02:00
Christophe Maudoux
c1af9e49f7 WIP - Append extractFormInfo step & AuthChoiceParam for AuthChoice (#1925) 2019-09-09 23:23:52 +02:00
Christophe Maudoux
132f42d44c Forbid browsers to store users password & Improve unit tests (#1913) 2019-09-08 19:28:28 +02:00
Maxime Besson
94877793d4 increase clock tolerance during rest secret check (#1923) 2019-09-06 17:45:51 +02:00
Maxime Besson
00e91f374b Add specific error code when missing a required SAML attr (#1919) 
The MISSINGREQATTR message is a good default value, but a site
administrator may decide to override it with a personnalized version
that only applies to issuer errors caused by an incomplete user profile
(for example, giving a pointer to the local user profile management
application)
 2019-09-06 11:04:39 +02:00
Clément OUDOT
e54355ff9f Use conf as HASH key (#1619) 2019-09-05 17:16:55 +02:00
Clément OUDOT
5b7bb4b9cd Check error message from ITDS (#1619) 2019-09-05 17:14:44 +02:00
Clément OUDOT
17123d6196 Avoid plugin conflicts (#993) 2019-09-05 13:30:49 +02:00
Clément OUDOT
068ffbe604 Define portalDisplayPasswordPolicy parameter in Manager (#993) 2019-09-05 13:02:51 +02:00
Clément OUDOT
b44c13ba2f Display password policy in password change form (#993) 2019-09-05 12:46:32 +02:00
Clément OUDOT
2f2f62ae1c Check password quality in mail reset plugin (#993) 2019-09-05 12:02:51 +02:00
Clément OUDOT
3700a1b54c Fix logger in Kerberos Auth init 2019-09-04 15:42:33 +02:00
Xavier
ba7f8695f7 Merge branch 'v2.0' (fix versions) 2019-09-03 23:14:45 +02:00
Christophe Maudoux
afd915f64c Merge branch 'v2.0' 2019-09-03 23:00:07 +02:00
Christophe Maudoux
3e9a424090 Update version (#1916) 2019-09-03 22:57:51 +02:00
Christophe Maudoux
56ed8a5724 Append issuersTimeout option (#1916) 2019-09-03 22:52:07 +02:00
Clément OUDOT
a2d3ae1d03 Local password policy: minimal digits (#993) 2019-09-03 19:08:19 +02:00
Clément OUDOT
28309dca9b Merge branch 'v2.0' of gitlab.ow2.org:lemonldap-ng/lemonldap-ng into v2.0 2019-09-03 19:07:22 +02:00
Clément OUDOT
b52bbdb838 Local password policy: minimal upper characters (#993) 2019-09-03 18:45:35 +02:00
Maxime Besson
ff3d4e218c doc: suggest a better fix for #1864 
We can't do it yet because the issue isn't fixed in versions of Lasso
found in the wild. But someday it will be.
 2019-09-03 18:13:13 +02:00
Clément OUDOT
ef3d6a26c4 Local password policy: minimal lower characters (#993) 2019-09-03 16:10:04 +02:00
Clément OUDOT
8998eb183e Local password policy: minimal size (#993) 2019-09-03 14:30:22 +02:00
Clément OUDOT
82a06fce91 Pass skin parameter in 2F flows (#1915) 2019-09-03 11:56:48 +02:00
Christophe Maudoux
174193e74c Merge branch 'v2.0' 2019-09-01 22:11:33 +02:00
Clément OUDOT
fca831411b Fix call to logger in REST authentication backend 2019-08-30 09:46:25 +02:00
Clément OUDOT
177f446f25 Display main logo in redirect page (#1906) 2019-08-29 19:29:27 +02:00
Maxime Besson
d61935ab6e Implement introspection endpoint for access tokens (#1843) 2019-08-29 19:10:51 +02:00
Maxime Besson
fd7453b7a5 Refactor endpoint auth 2019-08-29 18:57:26 +02:00
Xavier Guimard
8ac93e034d Merge branch 'v2.0' 2019-08-29 11:33:42 +02:00
Xavier Guimard
ae6e69667a Fix warning 2019-08-29 10:49:01 +02:00
Xavier Guimard
9379188000 Fix ^ (#1903) 2019-08-28 19:28:20 +02:00
Xavier Guimard
df4e7e7522 Generic fix for issues like #1903 2019-08-28 19:12:29 +02:00
Clément OUDOT
2145483be7 Pass extra args in Combination module (#1903) 2019-08-28 18:22:19 +02:00
Xavier Guimard
4193f4fb51 Merge branch 'v2.0' 2019-08-28 11:35:43 +02:00
Xavier Guimard
1660109e2f Security: use 3-form for open 2019-08-28 11:32:54 +02:00
Xavier
1f2f0240f0 Love Perl (#1863) 
TIMTOWTDI
 2019-08-28 00:36:18 +02:00
Maxime Besson
810d2c7f94 Disable template cache to avoid translation issues in mail (#1897) 2019-08-27 23:13:36 +02:00
Maxime Besson
a04a376777 Make regular template variables available in mails 
SKIN, PORTAL_URL, env_*, session_* are now available in email templates

Preliminary work for #1861
 2019-08-27 23:13:36 +02:00
Xavier Guimard
48883dbe4e More tests 2019-08-27 10:32:26 +02:00
Xavier Guimard
323d92fa1b Don't load Data::Dumper unless debug 2019-08-27 10:10:11 +02:00
Xavier
7e5d6d6afd Merge branch 'v2.0' 2019-08-27 07:14:35 +02:00
Clément OUDOT
796d1b12e6 Add _session_kind to default exported attributes (#1896) 2019-08-26 17:38:08 +02:00
Christophe Maudoux
1212cd9ba2 Merge branch 'v2.0' 2019-08-25 18:47:43 +02:00
Christophe Maudoux
ec59cc164c Catch error earlier in process (#1867) 2019-08-24 23:26:42 +02:00
Xavier Guimard
0415370f2c More REST debug 2019-08-22 15:17:51 +02:00
Clément OUDOT
e42e71b5e3 Use LinkedIn v2 API (#1890) 2019-08-22 14:51:24 +02:00
Christophe Maudoux
894b8be541 By pass first access (#1867) 2019-08-21 23:40:23 +02:00
Maxime Besson
661a007b4a Check OIDC access token expiration (#1879) 2019-08-21 12:18:55 +02:00
Xavier
bef05c6f5d Merge branch 'v2.0' 2019-08-20 21:49:21 +02:00
Christophe Maudoux
b694b16a19 Avoid warning with Choice 2019-08-20 17:08:37 +02:00
Christophe Maudoux
8e9f4e513e Improve combination with FaceBook & LinkedIn 2019-08-17 17:27:14 +02:00
Christophe Maudoux
5985e6d258 Fix REST service (#1870) 2019-08-17 17:11:28 +02:00
Xavier
097183f2b3 Fix warning 2019-08-16 09:10:10 +02:00
Christophe Maudoux
28732d614b Merge branch 'v2.0' 2019-08-15 22:43:20 +02:00
Christophe Maudoux
78a82dbee9 Override OTT conf. for Upgrade tokens (#1884) 2019-08-15 22:01:44 +02:00
Maxime Besson
2e9f57ab6f Better default behavior for oidcServiceMetaDataIssuer (#1882) 2019-08-13 18:09:59 +02:00
Christophe Maudoux
7502e424e3 Revert "Concatenate pdata and lemon cookies in the same set-cookie header (#1863)" 
This reverts commit c3a01c042c
 2019-08-13 10:16:31 +02:00
Christophe Maudoux
c3a01c042c Concatenate pdata and lemon cookies in the same set-cookie header (#1863) 2019-08-12 23:52:33 +02:00
Christophe Maudoux
3891c9caec Fix log level & improve e2e ini file (#1878) 2019-08-12 22:20:22 +02:00
Christophe Maudoux
f8ef2797a8 Update manifest 2019-08-12 21:36:55 +02:00
Christophe Maudoux
d7cb8bf4b8 Force remove pdata cookie to avoid loop (#1878) 2019-08-12 21:29:08 +02:00
Christophe Maudoux
09158f0084 Return whatToTrace instead of uid & Fix + Append unit test (#1664) 2019-08-10 12:38:25 +02:00
Christophe Maudoux
52fa94bd55 Sort functions & append comments 2019-08-10 11:13:56 +02:00
Christophe Maudoux
115cc9b027 Fix #1867 for 2.1 2019-08-09 23:34:54 +02:00
Christophe Maudoux
866d5457f3 Merge branch 'v2.0' 2019-08-09 23:33:59 +02:00
Christophe Maudoux
bee0e675f3 Revert "Fix langs directory (#1870)" 
This reverts commit b453647b26.
 2019-08-09 22:46:43 +02:00
Christophe Maudoux
b453647b26 Fix langs directory (#1870) 2019-08-09 22:11:05 +02:00
Maxime Besson
daa03a9a9c OIDC: tie client_id to authorization code (#1881) 2019-08-09 13:54:53 +02:00
Christophe Maudoux
9dac92064c Better fix & update unit tests (#1861) 2019-08-07 22:29:12 +02:00
Maxime Besson
9b24fd02e5 Log more detailed information about Kerberos failures 2019-08-07 19:35:35 +02:00
Christophe Maudoux
ce05b44172 Remove useless constants (#1867) 2019-08-06 22:42:17 +02:00
Christophe Maudoux
7aad470586 Delete pdata cookie after XML notif validation & Improve unit test (#1861) 2019-08-06 22:29:48 +02:00
Christophe Maudoux
c630a90064 Delete pdata cookie after notif validation & Improve unit test (#1861) 2019-08-06 22:25:09 +02:00
Xavier
ea713a3169 Avoid conflict in $req->data between DBI and LDAP 
Closes: #1875
 2019-08-06 21:54:41 +02:00
Christophe Maudoux
742e7417d4 Better fix (#1867) 2019-08-06 21:04:52 +02:00
Maxime Besson
8de0a89029 Give more customization options for 2F prompt messages 
new translations labels for mail and rest, and we now pass the 2F prefix
to templates. It's not used in the default skin, but it should help in
cases where extra second factors are used to offer the user a more
helpful prompt message
 2019-08-05 20:08:28 +02:00
Christophe Maudoux
bf20db03b9 Improve unit test & fix (#1867) 2019-08-04 22:39:14 +02:00
Christophe Maudoux
c1736f7f82 Catch error if setSecurity is undefined (#1874) 2019-08-04 12:08:34 +02:00
Christophe Maudoux
1422c28c0b Improve fix & unit test (#1874) 2019-08-03 23:49:02 +02:00
Christophe Maudoux
6cf1c83151 Fix & Improve unit test (#1874) 2019-08-03 22:48:07 +02:00
Christophe Maudoux
3a660bde24 Merge branch 'v2.0' 2019-08-03 11:18:06 +02:00
Christophe Maudoux
058ef90662 Append dependency 2019-08-03 11:05:12 +02:00
Christophe Maudoux
6ad07f9c4d Fix debug log 2019-08-03 11:04:58 +02:00
Christophe Maudoux
dcd0c53fde Fix warning message 2019-08-02 22:58:36 +02:00
Christophe Maudoux
46208d74fe Improve unit test (#1870) 2019-08-02 21:58:08 +02:00
Maxime Besson
15c3b0bbf8 Add Radius second factor (#1847) 2019-08-02 18:03:10 +02:00
Maxime Besson
68c8be333a Fix translation override in mails 2019-08-02 17:45:03 +02:00
Maxime Besson
c1afdbefac Add labels and logos to all 2F providers (#1873) 2019-08-01 17:27:14 +02:00
Christophe Maudoux
216d683f22 Fix debug log (#1870) 2019-08-01 11:59:02 +02:00
Christophe Maudoux
188c7be337 perltidy 2019-07-31 23:38:48 +02:00
Christophe Maudoux
ee5a705d2f Append REST API to retrieve error message (#1870) 2019-07-31 23:09:38 +02:00
Christophe Maudoux
499b16bd07 Merge branch 'v2.0' 2019-07-31 16:34:38 +02:00
Clément OUDOT
4ee49de4c2 Adapt grant_types_supported attribute (#1846) 2019-07-25 19:06:53 +02:00
Maxime Besson
c9dba5212e HTML-decode entityID from metadata (#1864) 2019-07-25 18:29:46 +02:00
Christophe Maudoux
3d6a7bd843 Sort notifications: JSON format (#1862) 2019-07-25 12:42:58 +02:00
Christophe Maudoux
bf5fe2246d Send specified parameters (#1851) 2019-07-25 12:00:37 +02:00
Christophe Maudoux
3082168617 Append HTTP method options (#1851) 2019-07-25 10:49:49 +02:00
Christophe Maudoux
c82fc0f572 Merge branch 'v2.0' 2019-07-23 16:03:10 +02:00
Christophe Maudoux
11f2d0f34a Improve notifications REST API & unit test (#1851) 2019-07-23 15:54:53 +02:00
Maxime Besson
d82f776df8 Allow multi instanciation of 2F modules (#1860) 
This commit adds a manager interface to declare multiple instances of a
single 2F module, in a manner similar to Combination.

An additional portal code reads the `sfExtra` variable to load the
declared modules.

An empty rules means the module will be always active.
 2019-07-22 19:30:37 +02:00
Christophe Maudoux
fb7a222c9d Append notifications REST API (#1851) 2019-07-22 15:39:59 +02:00
Christophe Maudoux
81aa2fb37b Improve test-lib & unit test (#1851) 2019-07-21 23:23:20 +02:00
Christophe Maudoux
3972861ba4 WIP - Improve unit test & need to fix list notifications feature!!! (#1851) 2019-07-21 22:47:48 +02:00
Clément OUDOT
f15e8bd108 Possibility to list notifications (#1851) 2019-07-21 20:47:16 +02:00
Christophe Maudoux
ca7ebe09f7 WIP - REST service to remove notification (#1851) 2019-07-20 22:25:03 +02:00
Christophe Maudoux
21c1d83df3 Typo 2019-07-20 13:28:48 +02:00
Christophe Maudoux
b705b10da8 Merge branch 'v2.0' 2019-07-17 12:26:55 +02:00
Christophe Maudoux
4eecd90230 Typo (#1857) 2019-07-17 12:20:30 +02:00
Christophe Maudoux
b99b76e2d6 Improve code (#1857) 2019-07-17 12:18:15 +02:00
Christophe Maudoux
d8b3eb2a34 Remove cipher cookie if notification refused (#1857) 2019-07-16 13:51:01 +02:00
Clément OUDOT
e12cb3a905 Fix loop on notifications (#1856) 2019-07-15 10:55:33 +02:00
Xavier
64c587417b Improvement 2019-07-12 19:09:55 +02:00
Clément OUDOT
c024ed0fe6 Improve logging when a notification is added by REST (#1853) 2019-07-12 18:34:55 +02:00
Xavier Guimard
3c6a301785 Keep original PATH_INFO during notification process (Fixes: #1852) 2019-07-12 10:33:36 +02:00
Christophe Maudoux
b7c8d30b3f Merge branch 'v2.0' 2019-07-10 12:16:43 +02:00
Clément OUDOT
c76dc52436 Adapt response_types_supported attribute in OpenID Connect metadata depending on configured flows (#1846) 2019-07-08 15:38:57 +02:00
Clément OUDOT
9b98893c44 Manage claims in ID token if no access token requested (#1846) 2019-07-08 15:15:13 +02:00
Christophe Maudoux
240617d8d8 Fix unit tests 2019-07-06 23:27:45 +02:00
Christophe Maudoux
d0da10b375 Improve code (#1664) 2019-07-06 23:00:35 +02:00
Christophe Maudoux
619ea8258f Improve unit test & fix warning - Expired sessions (#1783) 2019-07-06 23:00:24 +02:00
Christophe Maudoux
2d6c46920e Fix & improve unit test (#1844) 2019-07-05 22:53:48 +02:00
Xavier
88f75c42ed Set pdata domain also when removing cookie (#1829) 2019-07-05 06:43:11 +02:00
Christophe Maudoux
6a579644f8 Fix warning (#1842) 2019-07-04 23:20:11 +02:00
Christophe Maudoux
f38a583967 Improve code 2019-07-04 22:50:46 +02:00
Christophe Maudoux
2016abd2ee Send pdata cookie to cross domain (#1829) 2019-07-04 21:49:28 +02:00
Xavier
9cdfd4c9a6 Add notice when user is connected 2019-07-04 21:22:06 +02:00
Clément OUDOT
1ebbde9a50 Tidy code and add missing check on hash_level (#1835) 2019-07-04 09:49:01 +02:00
Xavier
a104db2f2d Clean logs 2019-07-04 07:24:50 +02:00
Xavier
d4fedbdfcf Duplicate log rules in Plugin manpage 2019-07-04 07:09:39 +02:00
Christophe Maudoux
6df12176de Disable secondFactor (#1783) 2019-07-03 23:21:19 +02:00
Christophe Maudoux
2f541370a6 perltidy (#1783) 2019-07-03 23:12:15 +02:00
Christophe Maudoux
03f2d89d0c ContextSwitching: Check (expiration) errors & Improve logs (#1783) 2019-07-03 23:08:50 +02:00
Christophe Maudoux
161d6cee0f Fix unit test warning (Auth-and-issuer-OIDC-authorization_code-with-none-alg.t) 2019-07-03 22:17:22 +02:00
Maxime Besson
6f058fb2fa Add manager manpages to deb 2019-07-03 15:17:16 +02:00
Xavier
78a4bb4987 ContextSwitching: Check (expiration) errors (#1783) 2019-07-03 06:47:33 +02:00
Christophe Maudoux
5a53fee2db WIP - Improve log (#1783) 2019-07-03 00:09:14 +02:00
Christophe Maudoux
42bc5efdb3 Use skin rules in plugins (#1828) 2019-07-02 22:17:53 +02:00
Christophe Maudoux
9c62a04f22 Improve code (#1783) 2019-07-02 22:08:17 +02:00
Christophe Maudoux
12e0853b51 Improve log (#1783) 2019-07-02 21:33:32 +02:00
Xavier
3b7a70e0b7 Merge branch 'v2.0' (with new tidy) 2019-07-02 20:12:11 +02:00
Xavier Guimard
c1137edba8 make tidy with perltidy-20181120 2019-07-02 20:03:40 +02:00
Clément OUDOT
e04a6f1983 Reject none algorithm when checking JWT signature (#1835) 2019-07-02 16:36:43 +02:00
Xavier Guimard
af63d55c08 Merge branch 'v2.0' 2019-07-01 20:21:42 +02:00
Clément OUDOT
60c03010ce Use Base64URL for JWT generation (#1834) 2019-07-01 17:29:35 +02:00
Christophe Maudoux
b94cbe0144 Fix default value (#1825) 2019-07-01 13:28:01 +02:00
Christophe Maudoux
69d2a2db0c Fix default value (#1825) 2019-07-01 12:56:10 +02:00
Christophe Maudoux
a1f5791e06 Merge branch '1783' into v2.0 2019-06-30 19:00:41 +02:00
Xavier
1718efe6d5 Merge branch 'v2.0' 2019-06-30 09:37:15 +02:00
Christophe Maudoux
bcbea7bee0 Update version (#1825) 2019-06-29 21:48:52 +02:00
Christophe Maudoux
eda8151432 Don t mix && with and (#1825) 2019-06-29 21:35:13 +02:00
Christophe Maudoux
11d2909b0a WIP - Disable persistent sessions storage (#1825) 2019-06-29 21:10:16 +02:00
Christophe Maudoux
d97c36a97e Disable spoofed sessions (#1783) 2019-06-28 23:53:43 +02:00
Christophe Maudoux
897d04ac93 Merge branch 'v2.0' into 1783 2019-06-28 22:05:48 +02:00
Clément OUDOT
b0a69d3473 Use skin rules in 2F plugins (#1828) 2019-06-28 15:56:57 +02:00
Xavier
c921c295ed Use user skin in loadTemplate (Fixes: #1828) 2019-06-28 13:40:56 +02:00
Xavier Guimard
44a6e25851 Improve cryptographic functions (#1823) 2019-06-28 10:30:37 +02:00
Xavier
1a1ccd7568 Merge branch 'crypto-improvements' 2019-06-27 22:03:05 +02:00
Xavier
2fcaf52bcf Better random string generation (#1803) 2019-06-27 21:59:18 +02:00
Christophe Maudoux
bb39dca317 Append & update unit tests (#1783) 2019-06-27 21:54:14 +02:00
Christophe Maudoux
8ad895c3b8 Merge branch 'v2.0' into 1783 2019-06-27 21:11:56 +02:00
Xavier Guimard
264410409d Move CAS service verification from main to Issuer::CAS (#1795) 2019-06-27 16:55:12 +02:00
Maxime Besson
e1f927a195 Check service= parameter on CAS logout (#1795) 
service= redirect URL is not checked when logging out from CAS, to avoid
insecure redirect attacks. The verification is only made if CAS access
control is enabled.

In order for this to work in common cases (applications redirects to an
unprotected page after logout), we add CAS App domains to the list of
globally trusted domains.

If your application wants to redirect to a third-party domain, it needs
to be added to LLNG's trustedDomains
 2019-06-27 12:40:40 +02:00
Xavier Guimard
c7cb6594dd Fix bad merge 2019-06-27 10:24:44 +02:00
Xavier Guimard
72439d341f Merge branch 'v2.0' 2019-06-27 07:59:37 +02:00
Maxime Besson
5f9c4c231d Add authenticated routes to 2FA for session upgrade (#1822) 2019-06-26 23:33:00 +02:00
Xavier
3582cfb12b Don't keep pdata on upgrade (Fixes: #1821) 2019-06-26 21:47:01 +02:00
Xavier Guimard
e15a41bc66 Fix typo: s/templatesDir/templateDir/g (#1819) 2019-06-26 11:59:13 +02:00
Xavier Guimard
45a0b68c3b Disable external entities in XML parsers (Fixes: #1818) 2019-06-26 11:32:10 +02:00
Xavier
400b9eaab9 Revert "Better password generation (#1803)" 
This reverts commit b4ec8eaeeb.
 2019-06-26 06:19:07 +02:00
Christophe Maudoux
f11c34e9cd Cleaning code (#1783 & #1658) 2019-06-25 23:04:27 +02:00
Christophe Maudoux
f5587ac477 Improve code (#1783) 2019-06-25 22:01:20 +02:00
Xavier
b4ec8eaeeb Better password generation (Fixes: #1803) 2019-06-25 21:01:57 +02:00
Christophe Maudoux
0b567d6c15 Merge branch 'v2.0' into 1783 2019-06-25 20:23:48 +02:00
Christophe Maudoux
b9af5d1adc Use Id 2019-06-25 19:30:06 +02:00
Christophe Maudoux
7a97bc46c4 Improve code (#1783) 2019-06-25 19:28:05 +02:00
Xavier Guimard
3d1be3e7e5 Set negetive values for PE_PASSWORD_OK and PE_LOGOUT_OK (Fixes: #1816) 2019-06-25 17:38:08 +02:00
Xavier Guimard
1b4600b15c Merge branch 'v2.0' 2019-06-25 17:14:00 +02:00
Xavier Guimard
93ccb9fd76 Set Content-Length in Apache::Session::REST requests (#1813) 2019-06-25 09:37:37 +02:00
Xavier Guimard
ddde26fa1c Add searchOn() in Apache::Session::REST (#1813) 2019-06-25 09:18:58 +02:00
Christophe Maudoux
32cb9e3a8f Delete session (#1783) 2019-06-24 23:52:39 +02:00
Christophe Maudoux
266f2fdf02 Merge branch 'v2.0' into 1783 2019-06-24 23:36:54 +02:00
Christophe Maudoux
786e136754 Create session with ContextSwitching plugin (#1783) 2019-06-24 23:36:23 +02:00
Christophe Maudoux
28fd7ea0b8 Change log level (#1664) 2019-06-24 23:35:33 +02:00
Xavier
c5d6bc42b6 Add get_key_from_all_sessions in Apache::Session::REST (#1813) 2019-06-24 23:07:34 +02:00
Xavier
9df3d57bc9 In REST, PE_LOGOUT_OK must return 200 2019-06-24 23:06:15 +02:00
Christophe Maudoux
5efa6c111a Append log (#1783) 2019-06-23 22:56:05 +02:00
Christophe Maudoux
8d2367c6d7 Typo 2019-06-23 22:55:46 +02:00
Christophe Maudoux
e5f03f34d9 Append ContextSwitching plugin (#1783) 2019-06-23 22:19:40 +02:00
Christophe Maudoux
c24ff711a0 WIP - ContextSwitching (#1783) 2019-06-23 10:51:10 +02:00
Christophe Maudoux
bdc5007e43 Update sort condition (#1658) 2019-06-23 10:18:05 +02:00
Xavier
2e7b3c584a Fix LDAP Policy 2019-06-23 08:18:19 +02:00
Xavier
9e16e2b75c Merge branch 'v2.0' 2019-06-23 07:21:55 +02:00
Christophe Maudoux
dd94351f35 WIP - ContextSwitching (#1783) 2019-06-22 23:46:02 +02:00
Christophe Maudoux
8c47c913fe WIP - ContextSwitching (#1783) 2019-06-21 16:24:50 +02:00
Christophe Maudoux
b69ffc0ff8 WIP - ContextSwitching (#1783) 2019-06-21 15:23:06 +02:00
Christophe Maudoux
a2ebaf31b1 WIP - AdminImpersonation skeleton (#1783) 2019-06-19 18:13:17 +02:00
Christophe Maudoux
c4d4b482a5 Provide to plugins message display functions (#1796) 2019-06-18 22:00:03 +02:00
Christophe Maudoux
86b305d19b Typo (#1664) 2019-06-18 21:57:40 +02:00
Christophe Maudoux
9ac5834bfe Merge branch 'v2.0' 2019-06-17 22:42:28 +02:00
Christophe Maudoux
9fa11709e6 Append options to use Notifications plugin & set notification reference (#1796) 2019-06-17 22:31:44 +02:00
Xavier
8b488e4d51 Move LDAP::getUser() to Lib::LDAP (Fixes: #1805) 2019-06-17 21:15:38 +02:00
Xavier
aff7527580 Fix bad call in LDAP (#1805) 2019-06-17 19:21:48 +02:00
Christophe Maudoux
1b4d1b5bdf Avoid notification reference to be truncated (#1796) 2019-06-16 20:57:53 +02:00
Christophe Maudoux
d6f3dd459a Display message (#1796) 2019-06-16 16:02:48 +02:00
Xavier
eabe1dc129 Fix UserDB::Proxy missing setSecurity() (#1723) 2019-06-15 22:27:58 +02:00
Xavier
fe55ba3567 Set Content-Type for JSON 401 response 2019-06-15 22:26:37 +02:00
Xavier
c1a8723b90 Don't stop auth process when remote response is 401 (#1723) 2019-06-15 21:28:54 +02:00
Xavier
d27e4bcc55 Merge branch 'v2.0' 2019-06-15 09:23:50 +02:00
Christophe Maudoux
ecf84e8a4d WIP (#1796) 2019-06-14 23:09:32 +02:00
Christophe Maudoux
fde6ff2cc8 WIP (#1796) 2019-06-14 23:09:32 +02:00
Xavier Guimard
5fbff01b27 Update versions 2019-06-14 17:27:54 +02:00
Xavier Guimard
65eaefa75f Tidy 2019-06-14 17:23:26 +02:00
Clément OUDOT
4e5c450b8b Return error if no code provided on token endpoint (#1802) 2019-06-14 16:05:39 +02:00
Xavier Guimard
e7bc7b3f4e Add restExportSecretKeys option (#1799) 2019-06-14 08:51:58 +02:00
Xavier
5dc5b88daa Permit to show $_password in REST session server (#1799) 2019-06-14 07:09:55 +02:00
Xavier
4ad0da0315 Fix syntax error (#1794) 2019-06-14 06:33:27 +02:00
Christophe Maudoux
73f689eca4 Fix 2F types (#1782) 2019-06-13 23:28:57 +02:00
Christophe Maudoux
c8295b60b5 Fix 2F types (#1782) 2019-06-13 23:27:30 +02:00
Xavier
c7ef665bf9 Fix #1782 2019-06-13 22:23:20 +02:00
Xavier
8d642da8cb Improve #1782 2019-06-13 22:10:30 +02:00
Xavier Guimard
2a021e37ea Don't require getDisplayType in Choice (#1800) 2019-06-13 17:51:36 +02:00
Xavier Guimard
020553ab6a Merge branch 'v2.0' 2019-06-13 10:09:18 +02:00
Maxime Besson
1a66da30f9 Store portal language in _language user session key (#1764) 2019-06-13 09:26:19 +02:00
Xavier
a2454ff4cc Merge branch 'v2.0' 2019-06-12 21:44:39 +02:00
Xavier
a6aaf8a507 Add XSS test (#1795) 2019-06-11 21:30:15 +02:00
Xavier
1a8948894d Check CAS "service" parameter (Fixes: #1795) 2019-06-11 21:02:43 +02:00
Maxime Besson
97d0bbf0aa Fix CASv2 logout (#1753) 2019-06-11 16:18:15 +02:00
Xavier Guimard
9e932b525c Merge branch 'issue1794-accentregister' into 'v2.0' 
Register: better handling of special chars (#1794)

See merge request lemonldap-ng/lemonldap-ng!78
 2019-06-10 22:57:34 +02:00
Maxime Besson
f195db2a5a Register: better handling of special chars (#1794) 2019-06-10 22:45:15 +02:00
Christophe Maudoux
aabb65629b Merge remote-tracking branch 'origin/v2.0' 2019-06-10 21:07:42 +02:00
Christophe Maudoux
7a3ded7efb Improve code (#1782) 2019-06-10 20:56:38 +02:00
Christophe Maudoux
441519a542 Typo (#1791) 2019-06-10 10:37:43 +02:00
Christophe Maudoux
8a35584e26 Fix empty hGroups (#1791) 2019-06-09 19:54:00 +02:00
Christophe Maudoux
63798f71f9 Change message condition (#1791) 2019-06-08 22:10:13 +02:00
Christophe Maudoux
b71f678f80 Filter SSO groups to merge (#1791) 2019-06-08 22:08:58 +02:00
Christophe Maudoux
e3c2766809 Test 2F TTL (#1782) 2019-06-07 19:51:51 +02:00
Xavier Guimard
f59681e80e Merge branch 'v2.0' 2019-06-07 17:48:32 +02:00
Xavier
94c2a0bc3b Add addAuthRouteWithRedirect() doc (#1787) 2019-06-06 23:02:46 +02:00
Xavier
f4bca7430a Add addAuthRouteWithRedirect() method to Try (#1787) 2019-06-06 22:59:02 +02:00
Xavier Guimard
946384272e Partial revert "Typo" 
This reverts commit f63a63eedb.
 2019-06-06 16:00:49 +02:00
Christophe Maudoux
801e2a17d6 Better fix (#1769) 2019-06-05 15:27:58 +02:00
Christophe Maudoux
30c4a9c787 setSecurity if failed login (#1769) 2019-06-05 11:29:04 +02:00
Christophe Maudoux
f63a63eedb Typo 2019-06-05 11:25:50 +02:00
Christophe Maudoux
f3a37d2387 Merge remote-tracking branch 'origin/v2.0' 2019-06-04 23:26:19 +02:00
Christophe Maudoux
c044ebc473 Fix functions parameter (#1774) 2019-06-04 23:18:06 +02:00
Christophe Maudoux
eab00052f3 Fix debug msg (#1774) 2019-06-04 20:42:54 +02:00
Christophe Maudoux
95b188ccfe Fix grant parameter, append warning msg & debug logs (#1774) 2019-06-04 18:19:33 +02:00
Xavier Guimard
ee661fc61d Merge branch 'v2.0' 2019-06-04 17:59:55 +02:00
Christophe Maudoux
18dd7c2c41 Append debug msg (#1765) 2019-06-04 16:19:01 +02:00
Christophe Maudoux
f69b829f6c Restore loginHistory (#1780) & Improve code 2019-06-02 22:40:00 +02:00
Christophe Maudoux
054fda9cfd Fix warnings (#1781) 2019-06-01 23:22:20 +02:00
Christophe Maudoux
491c54a3ee Fix Impersonation with 2FA (#1781) 2019-06-01 19:13:45 +02:00
Christophe Maudoux
e36ce98dda SetSecurity with AuthChoice (#1769) 2019-06-01 11:47:49 +02:00
Christophe Maudoux
35f1677747 Append unit test and fix CORS headers (#1765) 2019-05-31 17:50:44 +02:00
Christophe Maudoux
132e57b4b3 Manage CORS headers (#1765) 2019-05-31 17:00:39 +02:00
Christophe Maudoux
59f6106ba6 Merge remote-tracking branch 'origin/v2.0' 2019-05-31 00:16:07 +02:00
Christophe Maudoux
432f2655bb Fix if no userDB (#1774) 2019-05-30 12:26:50 +02:00
Christophe Maudoux
04603c0169 Fix warning (#1774) 2019-05-30 12:26:50 +02:00
Xavier Guimard
6b5677b4ce Tidy (#1774) 2019-05-29 14:20:46 +02:00
Christophe Maudoux
224137462a Tidy (#1774) 2019-05-29 00:08:48 +02:00
Christophe Maudoux
a89f83294b Retrieve session from DB if exists & Improve unit test (#1774) 2019-05-28 23:55:54 +02:00
Xavier
f75093d433 Merge branch 'v2.0' 2019-05-28 22:12:50 +02:00
Xavier Guimard
8fd3f6be90 Merge branch 'issue1521-appmenu' into 'v2.0' 
Preserve applicationList key names (#1521)

See merge request lemonldap-ng/lemonldap-ng!76
 2019-05-28 22:10:53 +02:00
Xavier
db2ee96bc8 Update versions (#1777) 2019-05-28 22:04:45 +02:00
Xavier
f0842569c2 Don't erase pdata on 404 errors (#1778) 2019-05-28 21:58:22 +02:00
Xavier
82171e9a90 Fix missing $req in SLO responses (#1777) 2019-05-28 21:45:54 +02:00
Xavier
acd6ba50e8 Fix some missing $req (#1777) 2019-05-28 19:52:08 +02:00
Christophe Maudoux
5126e9003b Allow double sessions for double cookies with singleSession (#1775) 2019-05-28 17:32:06 +02:00
Maxime Besson
b12992755f Preserve applicationList key names (#1521) 
Previously, every configuration save from the manager would overwrite
applicationList key names to preserve their ordering.

This commit introduces a new "order" key in the JSON config instead.
 2019-05-28 15:38:26 +02:00
Christophe Maudoux
dece7d8aa0 Allow double sessions for double cookies (#1775) 2019-05-27 22:42:02 +02:00
Xavier Guimard
1509d44d5f Merge branch 'v2.0' 2019-05-27 12:03:45 +02:00
Christophe Maudoux
26233106a5 Set _updateTime session value (#1771) 2019-05-26 11:56:58 +02:00
Christophe Maudoux
3dd4c52c65 Update version (#1766) 2019-05-26 10:33:39 +02:00
Xavier Guimard
4678649367 Merge branch 'v2.0' 2019-05-24 10:23:40 +02:00
Christophe Maudoux
0e47cb4f5b Fix warning message 2019-05-23 15:52:11 +02:00
Maxime Besson
0babf4c6c3 Fix non-sso session removal in SoapServer 
closes #1762
 2019-05-21 17:30:37 +02:00
Christophe Maudoux
59f07b7b8f Avoid to renew double cookie sessions for refresh request (#1747) 2019-05-20 23:03:10 +02:00
Christophe Maudoux
29b7341345 Change code order (#1749) 2019-05-19 13:40:46 +02:00
Christophe Maudoux
006f862a69 Cleaning code (#1755) 2019-05-17 22:18:09 +02:00
Clément OUDOT
c024952b8f Do not fail if no RP or no OP configured (#1759) 2019-05-17 16:00:33 +02:00
Xavier Guimard
9d0a07f04c Simplify Display.pm 2019-05-17 10:26:45 +02:00
Xavier Guimard
857ee8b0a0 Move captcha template parameters into plugin (#1652) 2019-05-17 10:26:45 +02:00
Xavier
8c562c7817 Modularize Display/login (#1652) 2019-05-17 10:26:45 +02:00
Xavier Guimard
5a1c090a18 Merge branch 'v2.0' 2019-05-17 10:26:19 +02:00
Xavier
b91d1d4b87 Tidy 2019-05-16 20:45:14 +02:00
Xavier
a2e78c88c3 Set versions 2019-05-16 20:42:31 +02:00
Xavier
1186aba52b lmError(): return JSON if wanted (#1745) 2019-05-16 06:50:13 +02:00
Christophe Maudoux
e46fac82b2 CheckUser with tokenGlobalStorage & Warn if SSO groups are merged 2019-05-15 23:45:06 +02:00
Xavier Guimard
bdc68d5833 Merge branch 'v2.0' 2019-05-15 14:25:57 +02:00
Maxime Besson
1f1eeab9c8 Do not log a warning when displaying form with Combination 
When form-based authentication methods return PE_FIRSTLOGIN, do not log
a warning because it's normal behavior to show the form.
 2019-05-14 19:47:28 +02:00
Christophe Maudoux
fc034ad4bf Impersonation with doubleCookie (#1746) 2019-05-12 22:59:21 +02:00
Clément OUDOT
05cd4d4a58 Fix update token with global storage (#1742) 2019-05-12 20:39:25 +02:00
Clément OUDOT
682b193477 Use TOKEN kind for mail password reset sessions (#1743) 2019-05-12 20:04:38 +02:00
Clément OUDOT
07de622e83 Fix getRegisterSession and getMailSession (#1743) 2019-05-12 17:36:14 +02:00
Xavier
9a71709f44 Tidy 2019-05-11 23:03:48 +02:00
Christophe Maudoux
8737fc0808 Impersonation with doubleCookie & Append unit test (#1746) 2019-05-11 22:57:52 +02:00
Xavier
224307515f Merge branch 'v2.0' 2019-05-11 20:25:11 +02:00
Xavier
f3c4ea0afb Tydy 2019-05-11 20:18:43 +02:00
Christophe Maudoux
aeead582d8 Restore _httpSession (#1746) 2019-05-11 19:07:07 +02:00